Remote Exploit Forums

  #11 (permalink)  
Old 09-12-2007, 01:22 AM
pureh@te's Avatar
Jenkem Addict
 
Join Date: Mar 2007
Location: /dev/null
Posts: 5,401
Default

That's odd. Normally 139 and 445 are open by default on XP. The only thing I could think of is if you're running an aftermarket firewall. Anyway, there are more entry vectors which hopefully I will include in part 2 of "So you want to be a hacker". If you feel comfortable doing so, post an nmap scan and we'll see what we got, and maybe someone else can learn something too.
  #12 (permalink)  
Old 09-12-2007, 01:36 AM
-~operator~-'s Avatar
Senior Member
 
Join Date: Apr 2007
Location: Black Forest
Posts: 173
Default

Well, don't count me on this. I will check the PC tomorrow and see how it's configured. Nmap scan follows ASAP. Thanks purehate!
__________________
The answer is 42.
  #13 (permalink)  
Old 09-22-2007, 09:00 AM
wyze's Avatar
Jenkem Addict
 
Join Date: Jul 2007
Location: chmod 400
Posts: 1,593
Default

Quote:
Originally Posted by purehate
That's odd. Normally 139 and 445 are open by default on XP.

...as are many other exploitables by default... I've been scratching my head since day one as to how services like UPnP and Remote Registry are automatic out of the box.

Awesome tutorial PH... I bet this tut will help others get motivated in learning how to secure their shares after reading it.
__________________
dd if=/dev/swc666 of=/dev/wyze
  #14 (permalink)  
Old 12-26-2007, 06:24 AM
Junior Member
 
Join Date: Jul 2007
Posts: 22
Default

I even have the status "filtered" on port 139 -
I have this status on all ports.
It's my active firewall.
After shutting down the firewall, port 139 is still open and the tut works really fine!


One question.

I tested this on my network.
But is there a possibility to do this right from the internet and not in the network, with the real IP, when the port is not blocked?

Last edited by internet0815; 12-26-2007 at 06:28 AM.
  #15 (permalink)  
Old 12-26-2007, 07:20 AM
sonicboom's Avatar
Junior Member
 
Join Date: Dec 2007
Posts: 14
Default

you let your girlfriend use Windows ME?
*shudders*
__________________
System Specs:
Linux Mint 6 - Primary OS
Windows XP Sp3 - Work / Gaming OS
BackTrack 3 USB w/ Changes -Fun Times OS

Wireless:
Dell WLAN Mini broadcom -eth0
WUSB54GC - rausb0
2 x Alfa AWUS036H 500mW -wlan0
  #16 (permalink)  
Old 12-27-2007, 11:08 PM
Just burned his ISO
 
Join Date: Dec 2007
Posts: 3
Default

I don't want to be mean, it's great stuff you showed how to use those tools, but what did you do that you couldn't do with Windows Explorer?
  #17 (permalink)  
Old 12-28-2007, 10:16 PM
trevelyn's Avatar
Senior Member
 
Join Date: Mar 2006
Location: pittsburgh PA
Posts: 136
Default

That's not being "mean", he states that the article is not his...

Yeah, if you're within the LAN you could simply issue a "smbtree -N" for that info. 3 things I don't get:

1. How does that make one a hacker?

2. "As high speed connections proliferate, more and more windows clients are coming on the internet." ? How is that proportioned? There's more Windows clients "coming" on the internet because of lack of intelligence, and corporations that don't care.

3. I think more people have NAT devices than not and if so, that means the port in the gateway/router would have to be forwarded from the WAN to the machine hosting the service on the LAN to "exploit" it. Though, I guess "exploit" doesn't seem to fit in this thread, and "accessing shared files that are not yours is most certainly a crime." Heh, if they're shared, they're shared. If not, then they are not yours.

I'm glad YOU didn't write that article, cos it's worthless. The only thing I see someone gaining out of it is bad networking skills.

Also, to mount things using the GUI you can use Windows Explorer. I use Nautilus and just put smb:/// in the address bar.
  #18 (permalink)  
Old 12-28-2007, 11:01 PM
pureh@te's Avatar
Jenkem Addict
 
Join Date: Mar 2007
Location: /dev/null
Posts: 5,401
Default

I'll be waiting for a much better tutorial from you with proof of concept. Post it by tomorrow please.


Edit: The point of the article was in reference to a lot of people wanting to know how to access shares on a Windows box with BT2. I like to only use the tools included in the distro so everyone is on the same page. I'm sorry you didn't like it.

Last edited by pureh@te; 12-28-2007 at 11:31 PM.
  #19 (permalink)  
Old 12-29-2007, 12:49 AM
trevelyn's Avatar
Senior Member
 
Join Date: Mar 2006
Location: pittsburgh PA
Posts: 136
Default

I have no idea why a tutorial on that is needed. I was under the impression it was to start someone off as being a hacker due to the title. I didn't know you would get offensive by the remark as you said it wasn't written by you.

"I've had a lot of questions about exploiting lately so here is step one."

And again, nothing is exploited, even if they do need help with BT2 mounting SMB shares.

Here:

http://zombie.el.cx/texts/hacking/pdfs/smbshares.pdf

If someone is eager to learn more about SIMPLE introductory hacking, try this:

http://zombie.el.cx/texts/hacking/pdfs/pentesing.pdf

I realize there's an error about the missing "k" behind the 50 in the WEP section.

I only want to help, I have experience from Weak-Net Labs and have been using the security distros since WHAX! and Auditor.
  #20 (permalink)  
Old 12-29-2007, 12:55 AM
spankdidly's Avatar
Senior Member
 
Join Date: Feb 2006
Posts: 1,094
Default

Lol, I think you made fun of the other tutorial so someone would respond and then you could respond by posting "yours". Next time, just start a new thread and say "Hey, I have some tutorials" because that's a bit quicker, and there's less drama in the forums.
__________________
I felt like bending the bars back, and ripping out the window frames and eating them. yes, eating them! Leaping, leaping, leaping! Colonics for everyone! All right! You dumb*sses. I'm a mental patient. I'm *supposed* to act out!
All times are GMT. The time now is 10:48 PM.

